12 matches found
CVE-2024-39828
R74n Sandboxels 1.9 through 1.9.5 allows XSS via a message in a modified saved-game file. This was fixed in a hotfix to 1.9.5 on 2024-06-29...
EUVD-2025-28013
Malicious code in bioql PyPI...
SonicWall SMA1000 SSRF Vulnerability
A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface, which in specific conditions could potentially enable a remote unauthenticated attacker to cause the appliance to make requests to an unintended location. IMPORTANT: SonicWall PSIRT...
SMA1000 Pre-Authentication Remote Command Execution Vulnerability
Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS...
XenServer and Citrix Hypervisor Security Update for CVE-2024-45818
Description of Problem: An issue has been identified that affects both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR and allows a malicious administrator of a guest VM to cause the host to crash or become unresponsive. This issue has the following identifier: CVE-2024-45818. What Customers Should ...
CVE-2022-31322
Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges via overwriting files using SUID flagged executables...
OPENSUSE-SU-2021:0647-1 Security update for netdata
This update for netdata fixes the following issues: - Update to 1.29.3 Release v1.29.3 is a patch release to improve the stability of the Netdata Agent. We discovered a bug that when proc.plugin attempts to collect the operstate parameter for a virtual network interface. If the chart is obsoleted...
Privacy Bug in Brave Browser Exposes Dark-Web Browsing History of Its Users
Brave has fixed a privacy issue in its browser that sent queries for .onion domains to public internet DNS resolvers rather than routing them through Tor nodes, thus exposing users' visits to dark web websites. The bug was addressed in a hotfix release V1.20.108 made available yesterday. Brave...
GHSA-3GW4-M5W7-V89C Uncontrolled Resource Consumption in Indy Node
Summary: Indy Node has a bug in TAA handling code. The current primary can be crashed with a malformed transaction from a client, which leads to a view change. Repeated rapid view changes have the potential of bringing down the network. Discovery: On May 18, Evernym's monitoring of Sovrin StagingNe...
F-Secure Anti-Virus for Linux fails to properly detect Sober.D virus
Overview: F-Secure Anti-Virus for Linux contains a flaw that may prevent it from properly detecting the Sober.D virus. A hotfix for this vulnerability has been released. Description: F-Secure Anti-Virus version 4.52 for Linux contains a flaw that may prevent it from properly detecting the Sober.D...
MS02-055: Unchecked Buffer in Windows Help Facility Could Enable Code Execution (323255)
The remote host contains a version of the HTML Help facility ActiveX control module that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and enticing a victim to visit it. C Tenable Network Security, Inc. include"compat.inc"; if description...
MDKSA-2001:080 - Zope update
Mandrake Linux Security Update Advisory. Package name: Zope. Date: October 15th, 2001. Advisory ID: MDKSA-2001:080. Affected versions: 7.1, 7.2, Corporate Server 1.0.1. Problem Description: A new Zope hotfix is available that fixes a problem with DTML...